On Sun, 2011-05-22 at 23:44 -0400, Richard Stallman wrote: > Do you mean to say that the people at CSAIL ought to switch to using > SpamAssasin instead of filtering in Mailman?
We *are* using SpamAssassin *as well as* filtering in Mailman. > Jay, do you see a reason not to do it that way? There are complicated site-specific reasons why SpamAssassin isn't a complete solution for our Mailman mailing lists in our current mail infrastructure; I'd rather not get bogged down in that discussion in this venue. SpamAssassin is definitely a big part of our repertoire, though. The immediate problem for me was that (as as Mark explained in his mail dated Friday night his time), the sender filters use get_sender(), which is unhelpful with messages with multiple From: lines, since the return value will be random (or worse, chosen to benefit the spammer). One thing I do to help block spoofed spam to mailing lists is to to block mail that claims to be from the list address itself, which catches the common case of spammers spoofing the from address to be the same as the to address. Because of that, I was surprised to see these messages get through to the list, since they *did* include the list address itself (as well as a bunch of other addresses in our domain) in the From: lines. The explanation that the sender filters are applied only against one particular address explains what was going on (and confirms my suspicion). However, that means that as more spammers use this technique, either sites are going to have to start blocking mail with multiple From: addresses at SMTP time -- and I discovered to my surprise that we *do* have legitimate senders using that feature -- or Mailman's sender filters are going to become somewhat less useful. --Jay ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org